2007-12-30

File System-Berechtigungen mit LINQ ermitteln

Sie können LINQ to Objects für die Auswertung von Collections verwenden, die das IEnumerable<>-Interface implementieren. Im .NET Framework implementieren viele Collections das nötige Interface, und das gibt uns Entwicklern die Möglichkeit, diese Collections mit Hilfe von LINQ to Objects auszuwerten.

Mit dem folgenden Beispielcode können die Berechtigungen einer Datei ermittelt und mit LINQ-Abfragen ausgewertet werden.

Die Informationen für die Berechtigungen werden mit Standardklassen und -methoden des .NET Frameworks ermittelt.

using System;
using System.IO;
using System.Linq;
using System.Security.AccessControl;
using System.Security.Principal;

namespace ConsoleApplication3
{
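/// <summary>
/// Sample: reads the DACL of a file system object and uses LINQ to Objects to work out
/// which rights the access rules give to the current Windows identity.
/// </summary>
/// <remarks>
/// The result is an approximation of the Windows access check, meant for diagnostics.
/// It looks only at the access rules of the object itself; it does not consider the
/// owner's implicit rights, privileges held by the token, or share-level permissions.
/// </remarks>
class Program
{
    /// <summary>
    /// Evaluates the access rules of the sample path for the current user and derives one
    /// boolean per <see cref="FileSystemRights"/> value, then waits for Enter.
    /// </summary>
    /// <param name="args">Command-line arguments (not used).</param>
    static void Main(string[] args)
    {
        string directory = @"C:\AUTOEXEC.BAT";

        // WindowsIdentity is disposable; release it deterministically.
        using (WindowsIdentity winIdentity = WindowsIdentity.GetCurrent())
        {
            // Read both values once: they are compared against every rule below.
            // NOTE(review): Groups appears to leave out deny-only groups of the token, so
            // Deny rules written for such a group would not be matched here - confirm.
            SecurityIdentifier user = winIdentity.User;
            IdentityReferenceCollection groups = winIdentity.Groups;

            // The sample path names a file, so use the API that matches the object type;
            // a directory path keeps going through Directory.GetAccessControl.
            FileSystemSecurity security = Directory.Exists(directory)
                ? (FileSystemSecurity)Directory.GetAccessControl(directory, AccessControlSections.Access)
                : (FileSystemSecurity)File.GetAccessControl(directory, AccessControlSections.Access);

            AuthorizationRuleCollection authorizationRuleCol
                = security.GetAccessRules(true, true, typeof(SecurityIdentifier));

            // Keep the rules that apply to this object and to the current user or one of
            // the user's groups. Inherit-only rules affect children only, so they are
            // skipped. ToArray() runs the query once; the original deferred query was
            // re-executed (including the SID translation) for every boolean below.
            var qry
                = (from FileSystemAccessRule rule in authorizationRuleCol
                   where (rule.PropagationFlags & PropagationFlags.InheritOnly) == 0
                   where user == rule.IdentityReference || groups.Contains(rule.IdentityReference)
                   select new
                   {
                       Directory = directory,
                       NTAccount = DescribeIdentity(rule.IdentityReference),
                       AccessControlType = rule.AccessControlType,
                       Rights = rule.FileSystemRights
                   }).ToArray();

            // Fold the rules into one effective mask. Checking only for "some Allow rule"
            // reports a right as granted even when a Deny rule takes it away, and tests
            // composite rights (Modify, FullControl, ...) against one rule at a time.
            // Here each bit is decided by the first rule that mentions it.
            // NOTE(review): assumes GetAccessRules returns the rules in DACL order - confirm.
            FileSystemRights granted = 0;
            FileSystemRights denied = 0;
            foreach (var entry in qry)
            {
                if (entry.AccessControlType == AccessControlType.Deny)
                {
                    denied |= entry.Rights & ~granted;
                }
                else
                {
                    granted |= entry.Rights & ~denied;
                }
            }

            bool canAppendData = Grants(granted, FileSystemRights.AppendData);
            bool canChangePermissions = Grants(granted, FileSystemRights.ChangePermissions);
            bool canCreateDirectories = Grants(granted, FileSystemRights.CreateDirectories);
            bool canCreateFiles = Grants(granted, FileSystemRights.CreateFiles);
            bool canDelete = Grants(granted, FileSystemRights.Delete);
            bool canDeleteSubdirectoriesAndFiles = Grants(granted, FileSystemRights.DeleteSubdirectoriesAndFiles);
            bool canExecuteFile = Grants(granted, FileSystemRights.ExecuteFile);
            bool canFullControl = Grants(granted, FileSystemRights.FullControl);
            bool canListDirectory = Grants(granted, FileSystemRights.ListDirectory);
            bool canModify = Grants(granted, FileSystemRights.Modify);
            bool canRead = Grants(granted, FileSystemRights.Read);
            bool canReadAndExecute = Grants(granted, FileSystemRights.ReadAndExecute);
            bool canReadAttributes = Grants(granted, FileSystemRights.ReadAttributes);
            bool canReadData = Grants(granted, FileSystemRights.ReadData);
            bool canReadExtendedAttributes = Grants(granted, FileSystemRights.ReadExtendedAttributes);
            bool canReadPermissions = Grants(granted, FileSystemRights.ReadPermissions);
            bool canSynchronize = Grants(granted, FileSystemRights.Synchronize);
            bool canTakeOwnership = Grants(granted, FileSystemRights.TakeOwnership);
            bool canTraverse = Grants(granted, FileSystemRights.Traverse);
            bool canWrite = Grants(granted, FileSystemRights.Write);
            bool canWriteAttributes = Grants(granted, FileSystemRights.WriteAttributes);
            bool canWriteData = Grants(granted, FileSystemRights.WriteData);
            bool canWriteExtendedAttributes = Grants(granted, FileSystemRights.WriteExtendedAttributes);
        }

        Console.ReadLine();
    }

    /// <summary>
    /// Tells whether every bit of <paramref name="wanted"/> is set in <paramref name="effective"/>.
    /// </summary>
    /// <param name="effective">The accumulated rights mask.</param>
    /// <param name="wanted">The (possibly composite) right to test for.</param>
    /// <returns><c>true</c> when all bits of <paramref name="wanted"/> are present.</returns>
    private static bool Grants(FileSystemRights effective, FileSystemRights wanted)
    {
        return (effective & wanted) == wanted;
    }

    /// <summary>
    /// Returns the account name for an identity, or its raw value when no name can be found.
    /// </summary>
    /// <param name="identity">The identity taken from an access rule.</param>
    /// <returns>The translated NTAccount value, or the untranslated identity value.</returns>
    private static string DescribeIdentity(IdentityReference identity)
    {
        try
        {
            return identity.Translate(typeof(NTAccount)).Value;
        }
        catch (IdentityNotMappedException)
        {
            // A SID without a matching account (for example a deleted one) cannot be
            // translated; report the SID instead of aborting the whole evaluation.
            return identity.Value;
        }
    }
}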
}
